In the technical field of the authentication of persons, it is known to use a biometric authentication method. By analyzing a representation of a member, such a method verifies that a user is indeed an authorized person. Numerous members are candidates in that they are specific to a person. Thus such a member may be the finger, the eye, the palm, the face, etc.
During a preliminary and preparatory first phase, typically effected only once, a known biometric authentication method performs a first acquisition of the member, from a person, whose identity is certain, and extracts therefrom a representation that is referred to as a reference datum. This reference datum is stored, advantageously in a secure manner, on a memory medium, advantageously a secure element, associated with said person. In a second operational phase, repeated as many times as necessary, a user claiming to be said person attempts to authenticate himself or herself. The biometric authentication method performs a second acquisition of the member from the user and extracts therefrom a representation that is referred to as an acquisition datum. The biometric authentication method then performs a biometric comparison in order to determine if the acquisition datum and the reference datum are indeed two representations of the same member. If this comparison is positive, the user is authenticated and is considered to be the person.
The problem that can arise, and that the invention proposes to solve, is that an “intermediary” or “man in the middle” intercepts and copies an acquisition datum or one of its representations during an operational phase, typically by intercepting a communication between the acquisition means performing the biometric acquisition and a comparator performing the biometric comparison, and then submits this acquisition datum, short-circuiting the step of acquisition from the member, to attempt to obtain a positive authentication illegitimately.
It is desirable to modify the biometric authentication method in order to foil such a scenario.